Microsoft Windows SMB Registry : Registry HKLM_LOCAL_MACHINE Permissions

This script is Copyright (C) 2000-2015 Tenable Network Security, Inc.


Synopsis :

System settings are writable by non admin.

Description :

The registry key HKEY_LOCAL_MACHINE is writeable by users who are not
in the admin group.

This allows these users to create a lot of keys on that machine, thus
they can probably to get admin easily.

Such a configuration probably means that the system has been
compromised.

Solution :

use regedt32 and set the permissions of this key to :

- admin group : Full Control
- system : Full Control
- everyone : Read

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: Windows

Nessus Plugin ID: 10427 ()

Bugtraq ID:

CVE ID: CVE-1999-0589

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now